class LoginController < ApplicationController

before_filter :authorize, :except => [:login, :logout]
  def login
  	session[:employee_id] = nil
  	if request.post?
  		employee = Employee.authenticate(params[:username], params[:password]) #full name not unique
  		
  		if employee
  			session[:employee_id] = employee.id
  			session[:is_manager] = employee.is_manager
  			redirect_to(:controller => "employee", :action => "index")
		else
		  	flash.now[:notice] = "Invalid user/password combination"
		end
	end
  end

  def logout
	redirect_to(:action => "login")
  end

  def index
	  redirect_to(:action => "login")
  end
end

